Fraud Prevention Blog

Oct 5, 2013 - The Bank of the Future — BSA and AML Compliance

Posted by Sean Trundy on Fri, Oct 04, 2013 @ 03:23 PM

This article was originally published on CBinsight.com

The Best Way to really "Know Your Customer"

If you are involved in bank operations management, then you already know that your bank is required to authenticate customer ID documents. Still many banks don’t do this well, and are exposed to compliance-related fines.

What if … You could enhance compliance and position your bank to attract new customers?

Topics: regulatory compliance, red flag rules, anti-money laundering, ID Verification

Apr. 01, 2013 - Red Flag Rules - Myths & Misconceptions

Posted by Sean Trundy on Mon, Apr 01, 2013 @ 09:19 AM

Topics: identity theft, red flag rules, verification of ID

Compliance with AML Regulations via ID Authentication

Posted by Sean Trundy on Tue, Sep 11, 2012 @ 03:02 PM

There are a number of ways to achieve compliance with anti money laundering regulations by authenticating ID documents.  Relying on the skill of bank managers, clerks and other front line applicant processors is not one of them. 

Topics: red flag rules, bank secrecy act, authenticating driver's licenses, ID Verification

Identity Theft Prevention: The Red Flags Rule

Posted by Gary Satanovsky on Fri, Dec 09, 2011 @ 04:06 AM

I n the ongoing war against identity theft, individual battles are constantly being waged and won yet the overall threat evolves and remains still potent. The tactic in deterring identity thieves evolves also, as government legislation modifies previous government legislation to keep ahead of emerging trends.

One such evolving legislative act is the Fair and Accurate Credit Transactions Act (FACTA), which itself was an outgrowth of the Fair Credit Reporting Act. Created during the strong growth in credit lending, as banks became increasingly reliant on measures of creditworthiness in granting loans, the FCRA set out to standardize the customer creditworthiness checks and provided a method by which consumers could challenge some of the findings on those reports.

The FCRA still recognized the identity theft was a serious issue, and provided a way victims could erase any negative marks on their credit report that arose from identity theft. But it did nothing to stem the tide of identity theft cases -- until the addition of the FACTA rule.

It was on the last day of October of 2007 that Section 114 of FACTA was finalized; and a week later until was published. A testament to the newfound urgency in deterring identity theft, the section was developed in a joint effort between the Federal Trade Commission and five different Federal financial regulatory agencies, including the Office of the Comptroller of Currency and Federal Deposit Insurance Corporation.

Its Red Flag Rules explicitly mandated specific programs to identify weak points in creditor’s business models, as well as programs to quickly detect possible exploitations of these weaknesses. Finally, the rules called for developing a program which, by means of the first two would prevent and deter identity theft.

At the same time, realizing the identity theft expanded from just a few localized industries to penetrate just about every economic sector, the new statutes broadened the definition of covered creditors to include even non-financial ones: car and boat dealerships, telecommunications firms (think cellphone contracts), medical care providers and many others.

Several delays have pushed back the effective date of the Red Flags Rule, giving more times for businesses to prepare, but they are finally coming into force. That means if you haven’t paid attention to it before, and If your business provides covered accounts - “covering” the cost of a product or service until the buyer can pay back over time - these rules apply to you. You are now required to:
  • Understand the risks specific to your industry or business sector.
    Consider what kind of covered accounts does your business provides. How do the account holders open and access them? If, for instance, you run medical practice, your vulnerabilities lie in individuals seeking advice or treatment under false identities. They may present a social security card with a fake number (SSN ranges typically correlate to year of birth), or a document showing a different address than stated on their form. Employees handling such documents must be sufficiently trained in verifying them.
     
  • Detecting possible “Red Flags” of Identity Theft
    Once you have identified where the vulnerabilities to identity theft in your business lie, you can devote extra resources to plugging them. Returning to the case of the hypothetical medical practice, a patient presenting an obviously fake identity document would certainly raise some questions, as would the more subtle red flags such as medical histories inconsistent with treatment given, or a patient presenting bills for medical services they did not receive.
  • Respond to Identity Theft
    Long before uncovering possible incidents of identity theft, institutions must have in place a procedure to deal with them. This can include monitoring, and when appropriate closing or freezing questionable accounts, changing passwords of other security barriers associated with it, and notifying the customer of the potential breach.

While only you, as the most familar with your business, can figure out its potential vulnerabilities, you do have help with detection and response. Key to both, and highlighted by the FTC itself is reliable identity verification. This doesn’t just mean checking the document bearer’s name against the ID document, but mechanically checking the authenticity of that ID.

Topics: red flag rules, verification of ID, counterfeit fraud prevention

ID Verification: Red Flags and Customer ID Programs

Posted by Gary Satanovsky on Mon, Nov 21, 2011 @ 12:25 PM

If you have followed the news at all lately, you have likely heard that financial institutions of all stripes are coming under greater scrutiny, with proposals for ever-tighter regulation still on the horizon. This includes not only bank lending and deposit activities, but also the manner in which all institutions vet their clients - former, current and future. In large part this is an attempt to mitigate identity theft. Creative identity thieves have been able to steal personal identification information  from thousands of accounts. Creating false identities and fake ID Documents to open new lines of credit has become easier than ever.

Topics: regulatory compliance, red flag rules, anti-money laundering, bank secrecy act, counterfeit ID, ID Verification, fraud prevention

New Account BSA Identity Theft Prevention Compliance

Posted by Sean Trundy on Mon, Sep 19, 2011 @ 11:22 AM

Scenario:  A financial institution is opening a new branch, and is starting a major local PR blitz for new customer acquisition.  Great incentives are being offered for new account holders, and a large response is anticipated.  How does the bank process a flurry of new applications, yet conduct thorough “trust” identification verifications in a timely manner to prevent identity theft? 

Topics: identity theft, regulatory compliance, red flag rules, verification of ID, anti-money laundering, bank secrecy act, authenticating driver's licenses, counterfeit ID, fraud prevention

Title 31 - Strategy for Casino Fraud Prevention & Regulatory Compliance

Posted by Sean Trundy on Mon, Jun 14, 2010 @ 04:40 AM

Burden, or Benefit?

Topics: regulatory compliance, red flag rules, verification of ID, Title 31, counterfeit fraud, fraud prevention

Part IV - Red Flag Rules Program Elements

Posted by Sean Trundy on Wed, Jun 09, 2010 @ 09:28 AM

Part 4 of a four-part Process for Setting-up a Red Flag Rules Compliance Policy

UPDATING THE PROGRAM

Topics: identity theft, regulatory compliance, red flag rules, verification of ID

Counterfeit Fraud in the Casino: An Overview

Posted by Sean Trundy on Mon, Jun 07, 2010 @ 02:55 PM

Casino environments are beset by opportunities to experience losses from counterfeit fraud. Regardless of whether they are the focus of an organized crime ring, or of the casual independent fraudster, gaming establishments can be victimized at numerous points of transaction within their operations.

Topics: identity theft, red flag rules, verification of ID, counterfeit money, counterfeit fraud, fraud prevention

RED FLAG RULES - Part III, Prepare Appropriate Responses

Posted by Sean Trundy on Tue, Jun 01, 2010 @ 03:43 PM

If your organization is involved in the financial services industry, or in any way has a regular practice of "extending, renewing or continuing credit" to your customers, then June 1st, 2010 is an important deadline for you. This is when the Red Flag Rules finally kick-in for any organization that handles certain transactions types.

The Red Flag Rule requires that organizations handling "covered" transactions must develop and implement a written "Identity Theft Prevention Program" to DETECT, PREVENT and MITIGATE identity theft.

Topics: identity theft, regulatory compliance, red flag rules